Deep Security Center

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Application Control For Mail Client
1002452* - Application Control For Eudora


DNS Server
1007648 - PowerDNS Authoritative Server DNS Packet Processing Denial Of Service Vulnerability (CVE-2015-5311)


Suspicious Client Ransomware Activity
1007579* - Ransomware HTTP Request
1007577* - Ransomware Hydra


Suspicious Server Application Activity
1002378* - Detected Virtual Network Computing (VNC) Server Traffic


Suspicious Server Ransomware Activity
1007580* - Ransomware HTTP Request-1


Web Application Common
1007715* - ImageMagick And GraphicsMagick Remote Code Execution Vulnerability (CVE-2016-5118)
1007609* - ImageMagick Remote Code Execution Vulnerability (CVE-2016-3714)


Web Application PHP Based
1007298* - Joomla Core Remote Code Execution Vulnerability (CVE-2015-8562)


Web Client Common
1006532* - Identified Malicious Adobe Flash SWF File - 1
1007738* - ImageMagick And GraphicsMagick Remote Code Execution Vulnerability (CVE-2016-5118) - 1
1007611* - ImageMagick Remote Code Execution Vulnerability (CVE-2016-3714) - 1
1008033* - Microsoft Windows Elevation Of Privilege Vulnerability (CVE-2016-7255)
1008044 - OpenJPEG JPEG2000 MCC Record Code Execution Vulnerability (CVE-2016-8332)


Web Client Internet Explorer/Edge
1006383* - Microsoft Internet Explorer VBScript Memory Corruption Vulnerability (CVE-2014-6363)


Web Server Common
1007651* - Identified Absence Of Configured CDN/Reverse Proxy HTTP Header


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DNS Client
1007425* - ISC BIND OpenPGP Key Handler Denial Of Service Vulnerability (CVE-2015-5986)
1007465* - ISC BIND Response Handler Denial Of Service Vulnerability (CVE-2015-8000)


Database Oracle
1003510* - Oracle Database Server LT.ROLLBACKWORKSPACE SQL Injection


HP OpenView Network Node Manager
1007643* - HP OpenView Network Node Manager ovw.dll Message Handling Buffer Overflow (CVE-2008-1842)


NTP Server Linux
1007399 - NTP Long Control Packet Message Denial Of Service Vulnerability (CVE-2015-7855)


OpenSSL
1008039 - OpenSSL SSL3_AL_WARNING Remote Denial Of Service Vulnerability (CVE-2016-8610)


Suspicious Client Application Activity
1007907* - Cisco ASA Memory Corruption Vulnerability (CVE-2016-6366)


Web Client Common
1007310* - Adobe Flash Player Heap Overflow Vulnerability (CVE-2015-8446)
1008042 - Adobe Flash Player Multiple Security Vulnerabilities (APSB16-37)
1007620* - Microsoft Windows Graphics Component Information Disclosure Vulnerability (CVE-2016-0168)
1007622* - Microsoft Windows Graphics Component RCE Vulnerability (CVE-2016-0170)


Web Client Internet Explorer/Edge
1007983* - Microsoft Edge Scripting Engine Information Disclosure Vulnerability (CVE-2016-7189)
1007985* - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2016-3298)
1007928* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3324)


Web Server HTTPS
1007253* - Trend Micro Threat Intelligence Manager Multiple Vulnerabilities Remote Code Execution


Web Server Miscellaneous
1007993* - RedHat JBoss Web Application Server Remote Information Disclosure Vulnerability (CVE-2005-2006)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DCERPC Services - Client
1007913* - Identified Possible Ransomware File Extension Rename Activity Over Network Share - Client


HP OpenView Network Node Manager
1007643 - HP OpenView Network Node Manager ovw.dll Message Handling Buffer Overflow (CVE-2008-1842)


Microsoft Office
1008024 - Microsoft Office Information Disclosure Vulnerability (CVE-2016-7233)
1008018 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7213)
1008019 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7228)
1008020 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7229)
1008021 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7230)
1008022 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7231)
1008023 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7232)
1008025 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7234)
1008026 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7235)
1008027 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7236)


NTP Server Linux
1007383 - NTP Configuration Directive File Overwrite Vulnerability (CVE-2015-7703)


Web Application PHP Based
1007973 - PHP ZipArchive Integer Overflow Vulnerability (CVE-2016-3078)


Web Client Common
1008029 - Microsoft Windows Animation Manager Memory Corruption Vulnerability (CVE-2016-7205)
1008031 - Microsoft Windows Media Foundation Memory Corruption Vulnerability (CVE-2016-7217)
1008035 - Microsoft Windows Multiple Elevation Of Privilege Vulnerabilities (MS16-138)
1007990 - Microsoft Windows Multiple Security Vulnerabilities (MS16-134)
1008034 - Microsoft Windows Multiple Security Vulnerabilities (MS16-135)
1008030 - Microsoft Windows OpenType Font Information Disclosure Vulnerability (CVE-2016-7210)
1008036 - Microsoft Windows OpenType Font Parsing Vulnerability (CVE-2016-7256)


Web Client Internet Explorer/Edge
1008014 - Microsoft Edge Information Disclosure Vulnerability (CVE-2016-7204)
1007994* - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7194)
1008008 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7200)
1008009 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7201)
1008013 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7202)
1008010 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7203)
1008016 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7240)
1008011 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7242)
1008015 - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-7227)
1008012 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-7195)
1008006 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-7196)
1008007 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-7198)
1008017 - Microsoft Internet Explorer And Edge Remote Code Execution Vulnerability (CVE-2016-7241)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DNS Client
1007458* - glibc getaddrinfo Stack Based Buffer Overflow Vulnerability (CVE-2015-7547)


Web Client Common
1008003* - Adobe Flash Player Use-After-Free Vulnerability (CVE-2016-7855)
1008033 - Microsoft Windows Elevation Of Privilege Vulnerability
1007929* - Microsoft Windows PDF Library Remote Code Execution Vulnerability (CVE-2016-3370)
1007930* - Microsoft Windows PDF Library Remote Code Execution Vulnerability (CVE-2016-3374)


Web Client Internet Explorer/Edge
1007923* - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-3325)


Web Server Common
1000128* - HTTP Protocol Decoding
1005496* - Identified HTTP Request Smuggling Attack


Web Server HTTPS
1007253* - Trend Micro Threat Intelligence Manager Multiple Vulnerabilities Remote Code Execution


Web Server Miscellaneous
1007522* - JBoss Seam Parameterized EL Expressions Remote Code Execution Vulnerability


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Web Application PHP Based
1008005 - Joomla Core Security Bypass Vulnerabilities


Web Client Common
1008003* - Adobe Flash Player Use-After-Free Vulnerability (CVE-2016-7855)
1007978* - Microsoft Windows GDI+ Information Disclosure Vulnerability (CVE-2016-3263)
1007976* - Microsoft Windows Multiple Elevation Of Privilege Vulnerabilities (MS16-120)
1007975* - Microsoft Windows Multiple Security Vulnerabilities (MS16-123)


Web Client Internet Explorer/Edge
1007987* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3382)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Suspicious Server Application Activity
1003786* - Detected SNMP Server Traffic


Unix Samba
1004252* - Samba 'SMB1 Packet Chaining' Unspecified Remote Memory Corruption Vulnerability


Web Application PHP Based
1007739* - PHP TAR File Parsing Uninitialized Reference Vulnerability (CVE-2016-4343)


Web Application Tomcat
1003854* - Identified Login Attempt To Apache Tomcat Manager Using Default Credentials


Web Client Common
1007677 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-4137)
1008003 - Adobe Flash Player Use-After-Free Vulnerability
1007930* - Microsoft PDF Library Remote Code Execution Vulnerability (CVE-2016-3374)
1007995* - Microsoft Windows Diagnostics Hub Elevation Of Privilege (CVE-2016-7188)
1007988* - Microsoft Windows Multiple Security Vulnerabilities (MS16-124)
1007665* - Microsoft Windows PDF Remote Code Execution Vulnerability (CVE-2016-3203)
1007908 - WPS Office PowerPoint Memory Corruption Vulnerability
1007909 - WPS Office SpreadSheet Memory Corruption Vulnerability
1007910 - WPS Office Writer Memory Corruption Vulnerability


Web Client Internet Explorer/Edge
1007984* - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-3386)
1007982* - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7190)
1007991* - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-3267)
1007980* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3385)
1007903 - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2016-0189) - 1


Web Server Common
1007914* - Symfony Security Component Denial Of Service Vulnerability


Web Server HTTPS
1007253 - Trend Micro Threat Intelligence Manager Multiple Vulnerabilities Remote Code Execution


Web Server Miscellaneous
1007528* - GlassFish Java EE Application Server Arbitrary File Read Vulnerability
1007993 - RedHat JBoss Web Application Server Remote Information Disclosure Vulnerability (CVE-2005-2006)


Web Service HP SiteScope
1007742* - HP SiteScope DNS Tool Command Injection Vulnerability


Windows Services RPC Client
1007494* - Adobe Acrobat DLL Loading Arbitrary Code Execution Vulnerability (CVE-2016-1008)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DCERPC Services
1007596* - Identified Possible Ransomware File Extension Rename Activity Over Network Share


DNS Client
1007425 - ISC BIND OpenPGP Key Handler Denial Of Service Vulnerability (CVE-2015-5986)
1007465 - ISC BIND Response Handler Denial Of Service Vulnerability (CVE-2015-8000)


Microsoft Office
1007667* - Microsoft Office Information Disclosure Vulnerability (CVE-2016-3234)
1007617* - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0126)
1007885* - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3316)


Remote Desktop Protocol Server
1007969 - Identified Suspicious Remote Desktop Protocol (RDP) Brute Force Attempt


Web Client Common
1007998 - Adobe Acrobat And Reader Multiple Memory Corruption Vulnerabilities (APSB16-33) - 1
1007997 - Adobe Acrobat And Reader Multiple Memory Corruption Vulnerabilities (APSB16-33) - 2
1007999 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB16-33) - 1
1008000 - Adobe Acrobat And Reader Multiple Security Vulnerabilities (APSB16-33) - 2
1007678* - Adobe Flash Player Buffer Overflow Vulnerability (CVE-2016-4138)
1007996 - Adobe Flash Player Multiple Security Vulnerabilities (APSB16-32)
1006391* - Identified Suspicious Obfuscated JavaScript - 1
1007929* - Microsoft PDF Library Remote Code Execution Vulnerability (CVE-2016-3370)
1007975* - Microsoft Windows Multiple Security Vulnerabilities (MS16-123)


Web Client Internet Explorer/Edge
1007529 - Cumulative Security Update Of ActiveX Kill Bits - January 2016
1007926* - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-3294)
1007921* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3295)
1007928* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3324)


Web Server Common
1005434* - Disallow Upload Of A PHP File
1007185* - Java Unserialize Remote Code Execution Vulnerability


Windows Services RPC Client
1007913* - Identified Possible Ransomware File Extension Rename Activity Over Network Share - Client


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Microsoft Office
1007373* - Microsoft Office Memory Corruption Vulnerability (CVE-2016-0010)
1007979 - Microsoft Office Memory Corruption Vulnerability (CVE-2016-7193)


Novell File Reporter (NFR) Agent
1005260* - Novell File Reporter SRS XML Server Request With Path Element Detected


OpenSSL
1007970* - OpenSSL OCSP Status Request Denial Of Service Vulnerability (CVE-2016-6304)


Suspicious Client Ransomware Activity
1007971* - Ransomware Fantom


Web Application Common
1000552* - Generic Cross Site Scripting(XSS) Prevention


Web Application PHP Based
1007641* - Magento Unauthenticated Arbitrary File Write Vulnerability (CVE-2016-4010)
1007739 - PHP TAR File Parsing Uninitialized Reference Vulnerability (CVE-2016-4343)


Web Client Common
1007995 - Microsoft Windows Diagnostics Hub Elevation Of Privilege (CVE-2016-7188)
1007974 - Microsoft Windows GDI+ Information Disclosure Vulnerability (CVE-2016-3209)
1007977 - Microsoft Windows GDI+ Information Disclosure Vulnerability (CVE-2016-3262)
1007978 - Microsoft Windows GDI+ Information Disclosure Vulnerability (CVE-2016-3263)
1007976 - Microsoft Windows Multiple Elevation Of Privilege Vulnerabilities (MS16-120)
1007989 - Microsoft Windows Multiple Security Vulnerabilities (MS16-118, MS16-119)
1007975 - Microsoft Windows Multiple Security Vulnerabilities (MS16-123)
1007988 - Microsoft Windows Multiple Security Vulnerabilities (MS16-124)


Web Client Internet Explorer/Edge
1007983 - Microsoft Edge Scripting Engine Information Disclosure Vulnerability (CVE-2016-7189)
1007984 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-3386)
1007982 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7190)
1007994 - Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CVE-2016-7194)
1007991 - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-3267)
1007924* - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-3351)
1007920* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3247)
1007922* - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3297)
1007986 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3331)
1007987 - Microsoft Internet Explorer And Edge Memory Corruption Vulnerability (CVE-2016-3382)
1007985 - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2016-3298)
1007873* - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3288)
1007981 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3383)
1007980 - Microsoft Internet Explorer Memory Corruption Vulnerability (CVE-2016-3385)


Web Server Miscellaneous
1003741* - Adobe RoboHelp Server Authentication Bypass Vulnerability


Web Service HP SiteScope
1007742 - HP SiteScope DNS Tool Command Injection Vulnerability


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Application Control For File Sharing
1003682* - Application Control For Ares Galaxy


DNS Server
1007972 - ISC BIND Assertion Failure Denial Of Service Vulnerability (CVE-2016-2776)


Microsoft Office
1007939* - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3357)


Suspicious Client Ransomware Activity
1007971 - Ransomware Fantom


Web Application PHP Based
1006794* - PHP 'main/rfc1867.c' Remote Denial Of Service Vulnerability


Web Client Common
1007784* - Adobe Acrobat And Reader Memory Corruption Vulnerability (CVE-2016-4251)
1007759* - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4228)
1007871 - GNU Wget Arbitrary Commands Execution Vulnerability (CVE-2016-4971)
1007935* - Microsoft Windows Kernel Elevation Of Privilege Vulnerability (CVE-2016-3371)
1007659* - Microsoft Windows PDF Information Disclosure Vulnerability (CVE-2016-3215)


Web Server Miscellaneous
1007528 - GlassFish Java EE Application Server Arbitrary File Read Vulnerability


Windows Services RPC Client
1007897* - Microsoft Internet Explorer Information Disclosure Vulnerability Over SMB (CVE-2016-3321)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.
* indicates a new version of an existing rule

Deep Packet Inspection Rules:

DCERPC Services
1007596* - Identified Possible Ransomware File Extension Rename Activity Over Network Share
1007598* - Identified Possible Ransomware File Rename Activity Over Network Share


Microsoft Office
1002929* - Microsoft Excel Calendar Object Validation Vulnerability
1007887* - Microsoft Graphics Component Memory Corruption Vulnerability (CVE-2016-3318)
1007884* - Microsoft Office Memory Corruption Vulnerability (CVE-2016-3313)


NFS Server
1003401* - Disallow Device Node Creation Over NFS


OpenSSL
1007970 - OpenSSL OCSP Status Request Denial Of Service Vulnerability (CVE-2016-6304)


Web Application Common
1007518* - Identified Reflected File Download Attack


Web Application PHP Based
1007948* - Drupal RESTWS Module Page Callback Remote Code Execution Vulnerability
1007459* - Drupal XRDS Document Denial Of Service Vulnerability (CVE-2014-5267)
1007254* - PHP SplDoublyLinkedList Use After Free Vulnerability
1007252* - PHP jui_filter_rule Parsing Library Remote Code Execution Vulnerability


Web Application Ruby Based
1007530* - Ruby On Rails Action View Remote Code Execution Vulnerability (CVE-2016-0752)


Web Client Common
1007965 - Adobe Acrobat And Reader FlateDecode Parsing Out-Of-Bounds Read Information Disclosure Vulnerability (APSB16-26) - 1
1007966 - Adobe Acrobat And Reader FlateDecode Parsing Out-Of-Bounds Read Information Disclosure Vulnerability (APSB16-26) - 2
1007967 - Adobe Acrobat And Reader Font Stream Parsing Multiple Out-Of-Bounds Read Information Disclosure Vulnerability (APSB16-26) - 3
1007806 - Adobe Flash Player Buffer Overflow Vulnerability (CVE-2016-1103)
1007803 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-1099)
1007804 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-1100)
1007805 - Adobe Flash Player Memory Corruption Vulnerability (CVE-2016-1102)
1007808 - Adobe Flash Player Type Confusion Vulnerability (CVE-2016-1105)
1007565* - Adobe Flash Player Use After Free Vulnerability (CVE-2016-1013)
1007802 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-1097)
1007809 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-1106)
1007810 - Adobe Flash Player Use After Free Vulnerability (CVE-2016-1109)
1007758* - Adobe Flash Player Use After Free Vulnerability (CVE-2016-4227)
1007880* - Microsoft PDF Remote Code Execution Vulnerability (CVE-2016-3319)
1007936* - Microsoft Windows Elevation Of Privilege Vulnerability (CVE-2016-3373)
1007881* - Microsoft Windows Graphics Component Remote Code Execution Vulnerability (CVE-2016-3301)
1007883* - Microsoft Windows Graphics Component Remote Code Execution Vulnerability (CVE-2016-3304)
1007951 - Microsoft XML Core Services XMLHttpRequest 'SetCookie2' Header Information Disclosure Vulnerability
1005924* - Restrict Download Of EICAR Test File Over HTTP


Web Client Internet Explorer/Edge
1007615* - Microsoft Edge Memory Corruption Vulnerability (CVE-2016-0191)
1007878* - Microsoft Internet Explorer And Edge Information Disclosure Vulnerability (CVE-2016-3326)
1007428* - Microsoft Internet Explorer Information Disclosure Vulnerability (CVE-2016-0059)
1007896* - Microsoft Internet Explorer Information Disclosure Vulnerability Over WebDAV (CVE-2016-3321)
1007613* - Microsoft Internet Explorer Scripting Engine Memory Corruption Vulnerability (CVE-2016-0189)


Web Server Common
1007872* - HTTP Proxy Header Injection Vulnerabilities
1007185* - Java Unserialize Remote Code Execution Vulnerability
1007914* - Symfony Security Component Denial Of Service Vulnerability


Web Server Miscellaneous
1007646* - Apache Struts JRE URLDecoder Cross-Site Scripting Vulnerability (CVE-2016-4003)
1007737* - Apache Struts Url Validator Denial Of Service Vulnerability (CVE-2016-4465)
1005221* - Identified Suspicious Novell ZENworks Asset Management rtrlet Component Authentication Bypass


Windows Services RPC Client
1007913 - Identified Possible Ransomware File Extension Rename Activity Over Network Share - Client
1007912 - Identified Possible Ransomware File Rename Activity Over Network Share - Client


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.